Merge "Add support for installing Passpoint profile via overloaded API" into oc-dev

am: 0697df2e29 Change-Id: I3e8b72f948a02f8ae2f994f1ab6080ec207ab0c3
author: Peter Qiu <zqiu@google.com> 2017-05-31 18:00:16 +0000
committer: android-build-merger <android-build-merger@google.com> 2017-05-31 18:00:16 +0000
commit: b50dbf503aacef67ec5de1e60066893eba6f65db (patch)
tree: c038f7e70ef54f04f87ff20ae06b552e14690ff7
parent: 6f41401a3847a08183e995d9d1a9c70b72e0c4f5 (diff)
parent: 0697df2e29a3255620760667e9192d82102cd85c (diff)
2 files changed, 51 insertions, 59 deletions
diff --git a/service/java/com/android/server/wifi/WifiServiceImpl.java b/service/java/com/android/server/wifi/WifiServiceImpl.java
index 19447e36d..ec05f7cec 100644
--- a/service/java/com/android/server/wifi/WifiServiceImpl.java
+++ b/service/java/com/android/server/wifi/WifiServiceImpl.java
@@ -68,7 +68,6 @@ import android.net.wifi.ScanSettings;
 import android.net.wifi.WifiActivityEnergyInfo;
 import android.net.wifi.WifiConfiguration;
 import android.net.wifi.WifiConnectionStatistics;
-import android.net.wifi.WifiEnterpriseConfig;
 import android.net.wifi.WifiInfo;
 import android.net.wifi.WifiLinkLayerStats;
 import android.net.wifi.WifiManager;
@@ -93,7 +92,6 @@ import android.os.UserHandle;
 import android.os.UserManager;
 import android.os.WorkSource;
 import android.provider.Settings;
-import android.text.TextUtils;
 import android.util.ArrayMap;
 import android.util.ArraySet;
 import android.util.Log;
@@ -105,6 +103,7 @@ import com.android.internal.telephony.IccCardConstants;
 import com.android.internal.telephony.PhoneConstants;
 import com.android.internal.telephony.TelephonyIntents;
 import com.android.internal.util.AsyncChannel;
+import com.android.server.wifi.hotspot2.PasspointProvider;
 import com.android.server.wifi.util.WifiHandler;
 import com.android.server.wifi.util.WifiPermissionsUtil;
 
@@ -120,7 +119,6 @@ import java.security.GeneralSecurityException;
 import java.security.KeyStore;
 import java.security.cert.CertPath;
 import java.security.cert.CertPathValidator;
-import java.security.cert.CertPathValidatorException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.PKIXParameters;
 import java.security.cert.X509Certificate;
@@ -1521,33 +1519,32 @@ public class WifiServiceImpl extends IWifiManager.Stub {
     public int addOrUpdateNetwork(WifiConfiguration config) {
         enforceChangePermission();
         mLog.trace("addOrUpdateNetwork uid=%").c(Binder.getCallingUid()).flush();
-        if (isValid(config) && isValidPasspoint(config)) {
 
-            WifiEnterpriseConfig enterpriseConfig = config.enterpriseConfig;
-
-            if (config.isPasspoint() &&
-                    (enterpriseConfig.getEapMethod() == WifiEnterpriseConfig.Eap.TLS ||
-                            enterpriseConfig.getEapMethod() == WifiEnterpriseConfig.Eap.TTLS)) {
-                if (config.updateIdentifier != null) {
-                    enforceAccessPermission();
-                }
-                else {
-                    try {
-                        verifyCert(enterpriseConfig.getCaCertificate());
-                    } catch (CertPathValidatorException cpve) {
-                        Slog.e(TAG, "CA Cert " +
-                                enterpriseConfig.getCaCertificate().getSubjectX500Principal() +
-                                " untrusted: " + cpve.getMessage());
-                        return -1;
-                    } catch (GeneralSecurityException | IOException e) {
-                        Slog.e(TAG, "Failed to verify certificate" +
-                                enterpriseConfig.getCaCertificate().getSubjectX500Principal() +
-                                ": " + e);
-                        return -1;
-                    }
-                }
+        // Previously, this API is overloaded for installing Passpoint profiles.  Now
+        // that we have a dedicated API for doing it, redirect the call to the dedicated API.
+        if (config.isPasspoint()) {
+            PasspointConfiguration passpointConfig =
+                    PasspointProvider.convertFromWifiConfig(config);
+            if (passpointConfig.getCredential() == null) {
+                Slog.e(TAG, "Missing credential for Passpoint profile");
+                return -1;
             }
+            // Copy over certificates and keys.
+            passpointConfig.getCredential().setCaCertificate(
+                    config.enterpriseConfig.getCaCertificate());
+            passpointConfig.getCredential().setClientCertificateChain(
+                    config.enterpriseConfig.getClientCertificateChain());
+            passpointConfig.getCredential().setClientPrivateKey(
+                    config.enterpriseConfig.getClientPrivateKey());
+            if (!addOrUpdatePasspointConfiguration(passpointConfig)) {
+                Slog.e(TAG, "Failed to add Passpoint profile");
+                return -1;
+            }
+            // There is no network ID associated with a Passpoint profile.
+            return 0;
+        }
 
+        if (isValid(config)) {
             //TODO: pass the Uid the WifiStateMachine as a message parameter
             Slog.i("addOrUpdateNetwork", " uid = " + Integer.toString(Binder.getCallingUid())
                     + " SSID " + config.SSID
@@ -2422,11 +2419,6 @@ public class WifiServiceImpl extends IWifiManager.Stub {
         return validity == null || logAndReturnFalse(validity);
     }
 
-    public static boolean isValidPasspoint(WifiConfiguration config) {
-        String validity = checkPasspointValidity(config);
-        return validity == null || logAndReturnFalse(validity);
-    }
-
     public static String checkValidity(WifiConfiguration config) {
         if (config.allowedKeyManagement == null)
             return "allowed kmgmt";
@@ -2455,33 +2447,6 @@ public class WifiServiceImpl extends IWifiManager.Stub {
         return null;
     }
 
-    public static String checkPasspointValidity(WifiConfiguration config) {
-        if (!TextUtils.isEmpty(config.FQDN)) {
-            /* this is passpoint configuration; it must not have an SSID */
-            if (!TextUtils.isEmpty(config.SSID)) {
-                return "SSID not expected for Passpoint: '" + config.SSID +
-                        "' FQDN " + toHexString(config.FQDN);
-            }
-            /* this is passpoint configuration; it must have a providerFriendlyName */
-            if (TextUtils.isEmpty(config.providerFriendlyName)) {
-                return "no provider friendly name";
-            }
-            WifiEnterpriseConfig enterpriseConfig = config.enterpriseConfig;
-            /* this is passpoint configuration; it must have enterprise config */
-            if (enterpriseConfig == null
-                    || enterpriseConfig.getEapMethod() == WifiEnterpriseConfig.Eap.NONE ) {
-                return "no enterprise config";
-            }
-            if ((enterpriseConfig.getEapMethod() == WifiEnterpriseConfig.Eap.TLS ||
-                    enterpriseConfig.getEapMethod() == WifiEnterpriseConfig.Eap.TTLS ||
-                    enterpriseConfig.getEapMethod() == WifiEnterpriseConfig.Eap.PEAP) &&
-                    enterpriseConfig.getCaCertificate() == null) {
-                return "no CA certificate";
-            }
-        }
-        return null;
-    }
-
     @Override
     public Network getCurrentNetwork() {
         enforceAccessPermission();
diff --git a/tests/wifitests/src/com/android/server/wifi/WifiServiceImplTest.java b/tests/wifitests/src/com/android/server/wifi/WifiServiceImplTest.java
index 64100e217..7342cdb16 100644
--- a/tests/wifitests/src/com/android/server/wifi/WifiServiceImplTest.java
+++ b/tests/wifitests/src/com/android/server/wifi/WifiServiceImplTest.java
@@ -61,8 +61,10 @@ import android.content.res.Resources;
 import android.net.IpConfiguration;
 import android.net.wifi.ScanSettings;
 import android.net.wifi.WifiConfiguration;
+import android.net.wifi.WifiEnterpriseConfig;
 import android.net.wifi.WifiManager;
 import android.net.wifi.WifiManager.LocalOnlyHotspotCallback;
+import android.net.wifi.hotspot2.PasspointConfiguration;
 import android.os.Handler;
 import android.os.HandlerThread;
 import android.os.IBinder;
@@ -1446,4 +1448,29 @@ public class WifiServiceImplTest {
     public void testStopWatchLocalOnlyHotspotNotSupported() {
         mWifiServiceImpl.stopWatchLocalOnlyHotspot();
     }
+
+    /**
+     * Verify that the call to addOrUpdateNetwork for installing Passpoint profile is redirected
+     * to the Passpoint specific API addOrUpdatePasspointConfiguration.
+     */
+    @Test
+    public void testAddPasspointProfileViaAddNetwork() throws Exception {
+        WifiConfiguration config = WifiConfigurationTestUtil.createPasspointNetwork();
+        config.enterpriseConfig.setEapMethod(WifiEnterpriseConfig.Eap.TLS);
+        when(mResources.getBoolean(com.android.internal.R.bool.config_wifi_hotspot2_enabled))
+                .thenReturn(true);
+
+        when(mWifiStateMachine.syncAddOrUpdatePasspointConfig(any(),
+                any(PasspointConfiguration.class), anyInt())).thenReturn(true);
+        assertEquals(0, mWifiServiceImpl.addOrUpdateNetwork(config));
+        verify(mWifiStateMachine).syncAddOrUpdatePasspointConfig(any(),
+                any(PasspointConfiguration.class), anyInt());
+        reset(mWifiStateMachine);
+
+        when(mWifiStateMachine.syncAddOrUpdatePasspointConfig(any(),
+                any(PasspointConfiguration.class), anyInt())).thenReturn(false);
+        assertEquals(-1, mWifiServiceImpl.addOrUpdateNetwork(config));
+        verify(mWifiStateMachine).syncAddOrUpdatePasspointConfig(any(),
+                any(PasspointConfiguration.class), anyInt());
+    }
 }
author	Peter Qiu <zqiu@google.com>	2017-05-31 18:00:16 +0000
committer	android-build-merger <android-build-merger@google.com>	2017-05-31 18:00:16 +0000
commit	b50dbf503aacef67ec5de1e60066893eba6f65db (patch)
tree	c038f7e70ef54f04f87ff20ae06b552e14690ff7
parent	6f41401a3847a08183e995d9d1a9c70b72e0c4f5 (diff)
parent	0697df2e29a3255620760667e9192d82102cd85c (diff)